6.1

CVSS3.1

CVE-2025-2166 - CM FAQ – Simplify support with an intuitive FAQ management tool <= 1.2.5 - Reflected Cross-Site Sc…

The CM FAQ – Simplify support with an intuitive FAQ management tool plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.5. This makes it possible for unauthenticate…

πŸ“… Published: March 14, 2025, 4:22 a.m. πŸ”„ Last Modified: March 14, 2025, 4:22 a.m.

9.8

CVSS3.1

CVE-2024-11284 - WP JobHunt <= 7.1 - Unauthenticated Privilege Escalation via Password Reset/Account Takeover

The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.9. This is due to the plugin not properly validating a user's identity prior to updating their password through the account_settings_save_callback() function. This …

πŸ“… Published: March 14, 2025, 4:22 a.m. πŸ”„ Last Modified: March 14, 2025, 4:22 a.m.

4.3

CVSS3.1

CVE-2025-1528 - Search and filter pro <= 2.5.19 - Missing Authorization to Authenticated (Subscriber+) Post Meta Ex…

The Search & Filter Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_meta_values' function in all versions up to, and including, 2.5.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to …

πŸ“… Published: March 14, 2025, 4:22 a.m. πŸ”„ Last Modified: March 14, 2025, 4:22 a.m.

5.3

CVSS3.1

CVE-2025-1285 - Resido - Real Estate WordPress Theme <= 3.6 - Missing Authorization to Unauthenticated Server-Side …

The Resido - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the delete_api_key and save_api_key AJAX actions in all versions up to, and including, 3.6. This makes it possible for unauthenticated attackers to issue requests t…

πŸ“… Published: March 14, 2025, 4:22 a.m. πŸ”„ Last Modified: March 14, 2025, 4:22 a.m.

9.8

CVSS3.1

CVE-2024-11285 - WP JobHunt <= 7.1 - Unauthenticated Privilege Escalation via Email Update/Account Takeover

The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 7.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the account_settings_callback() function. This…

πŸ“… Published: March 14, 2025, 4:22 a.m. πŸ”„ Last Modified: March 14, 2025, 4:22 a.m.

7.8

CVSS3.1

CVE-2024-55549 -

xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 2:15 a.m.

0.0

CVE-2025-30022 -

CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the DATANASC parameter.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 3:15 a.m.

0.0

CVE-2025-26163 -

CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the CPF parameter.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 3:15 a.m.

7.8

CVSS3.1

CVE-2025-24855 -

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 2:15 a.m.

3.3

CVSS3.1

CVE-2025-27496 - Snowflake JDBC Driver client-side encryption key in DEBUG logs

Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 through 3.23.0 of the driver. When the logging level was set to DEBUG, the Driver would log locally the client-side encryption ma…

πŸ“… Published: March 13, 2025, 7:01 p.m. πŸ”„ Last Modified: March 13, 2025, 7:51 p.m.
Total resulsts: 285233
Page 2 of 28,524
Β« previous page Β» next page
Filters